Prevent tokens from being printed to the console. (Configurable.)

2024-11-23 14:09:57 +00:00 · 2020-01-06 01:05:07 -05:00 · 2020-01-06 01:05:07 -05:00 · 396b92e374
commit 396b92e374
parent 112efc13e6
5 changed files with 18 additions and 9 deletions
--- a/README.md
+++ b/README.md
@ -115,6 +115,7 @@ You can execute shell commands on media state using the config file:
 - `client_profile` - The client profile for transcoding. Default: `Plex Home Theater`
    - It may be useful to change this on limited hardware.
    - If you change this, it should be changed to a profile that supports `hls` streaming.
+ - `sanitize_output` - Prevent Plex tokens from being printed to the console. Default: `true`

 ### MPV Configuration

--- a/plex_mpv_shim/client.py
+++ b/plex_mpv_shim/client.py
@ -11,7 +11,7 @@ import socket
 from http.server import HTTPServer
 from http.server import SimpleHTTPRequestHandler
 from socketserver import ThreadingMixIn
-from .utils import upd_token
+from .utils import upd_token, sanitize_msg
 from .conf import settings

 try:
@ -140,9 +140,9 @@ class HttpHandler(SimpleHTTPRequestHandler):

    def handle_request(self, method):
        if 'X-Plex-Device-Name' in self.headers:
-            log.debug("HttpHandler::handle_request request from '%s' to '%s'" % (self.headers["X-Plex-Device-Name"], self.path))
+            log.debug("HttpHandler::handle_request request from '%s' to '%s'" % (self.headers["X-Plex-Device-Name"], sanitize_msg(self.path)))
        else:
-            log.debug("HttpHandler::handle_request request to '%s'" % self.path)
+            log.debug("HttpHandler::handle_request request to '%s'" % sanitize_msg(self.path))

        path  = urllib.parse.urlparse(self.path)
        query = self.get_querydict(path.query)
--- a/plex_mpv_shim/conf.py
+++ b/plex_mpv_shim/conf.py
@ -34,6 +34,7 @@ class Settings(object):
        "remote_kbps_thresh":   5000,
        "transcode_kbps":       2000,
        "client_profile":       "Plex Home Theater",
+        "sanitize_output":      True,
    }

    def __getattr__(self, name):
--- a/plex_mpv_shim/media.py
+++ b/plex_mpv_shim/media.py
@ -10,7 +10,7 @@ except:
    import xml.etree.ElementTree as et

 from .conf import settings
-from .utils import get_plex_url, safe_urlopen, is_local_domain, get_session, reset_session
+from .utils import get_plex_url, safe_urlopen, is_local_domain, get_session, reset_session, sanitize_msg

 log = logging.getLogger('media')

@ -370,7 +370,7 @@ class Video(object):
        rating_key = self.get_rating_key()

        if rating_key is None:
-            log.error("No 'ratingKey' could be found in XML from URL '%s'" % (self.parent.path.geturl()))
+            log.error("No 'ratingKey' could be found in XML from URL '%s'" % (sanitize_msg(self.parent.path.geturl())))
            return False

        url  = urllib.parse.urljoin(self.parent.server_url, '/:/progress')
@ -387,7 +387,7 @@ class Video(object):
        rating_key = self.get_rating_key()

        if rating_key is None:
-            log.error("No 'ratingKey' could be found in XML from URL '%s'" % (self.parent.path.geturl()))
+            log.error("No 'ratingKey' could be found in XML from URL '%s'" % (sanitize_msg(self.parent.path.geturl())))
            return False

        if watched:
--- a/plex_mpv_shim/utils.py
+++ b/plex_mpv_shim/utils.py
@ -4,11 +4,14 @@ import urllib.request, urllib.parse, urllib.error
 import socket
 import ipaddress
 import uuid
+import re

 from .conf import settings
 from datetime import datetime
 from functools import wraps

+PLEX_TOKEN_RE = re.compile("(token|X-Plex-Token)=[^&]*")
+
 log = logging.getLogger("utils")
 plex_eph_tokens = {}
 plex_sessions = {}
@ -103,7 +106,7 @@ def get_plex_url(url, data=None, quiet=False):
        url = "%s%s%s" % (url, sep, urllib.parse.urlencode(data))

    if not quiet:
-        log.debug("get_plex_url Created URL: %s" % url)
+        log.debug("get_plex_url Created URL: %s" % sanitize_msg(url))

    return url

@ -121,13 +124,17 @@ def safe_urlopen(url, data=None, quiet=False):
        page = urllib.request.urlopen(url)
        if page.code == 200:
            return True
-        log.error("Error opening URL '%s': page returned %d" % (url,
+        log.error("Error opening URL '%s': page returned %d" % (sanitize_msg(url),
                                                                page.code))
    except Exception as e:
-        log.error("Error opening URL '%s':  %s" % (url, e))
+        log.error("Error opening URL '%s':  %s" % (sanitize_msg(url), e))

    return False

 def is_local_domain(domain):
    return ipaddress.ip_address(socket.gethostbyname(domain)).is_private

+def sanitize_msg(text):
+    if settings.sanitize_output:
+        return re.sub(PLEX_TOKEN_RE, "\\1=REDACTED", text)
+    return text